Re: [PATCH] crypto: fips - make proc files report fips module name and version
From: Vlad Dronov
Date: Tue Jun 21 2022 - 10:36:06 EST
Hi,
On Mon, Jun 20, 2022 at 11:40 PM Randy Dunlap <rdunlap@xxxxxxxxxxxxx> wrote:
>
> Hi--
>
> On 6/20/22 06:16, Vladis Dronov wrote:
> > diff --git a/crypto/Kconfig b/crypto/Kconfig
> > index 1d44893a997b..082ff03d9f6c 100644
> > --- a/crypto/Kconfig
> > +++ b/crypto/Kconfig
> > @@ -33,6 +33,27 @@ config CRYPTO_FIPS
> > certification. You should say no unless you know what
> > this is.
> >
> > +config CRYPTO_FIPS_NAME
> > + string "FIPS Module Name"
> > + default "Linux Kernel Cryptographic API"
> > + depends on (CRYPTO_FIPS)
>
> No parentheses.
>
> > + help
> > + This option sets the FIPS Module name reported by the Crypto API via
> > + the /proc/sys/crypto/fips_name file.
> > +
> > +config CRYPTO_FIPS_CUSTOM_VERSION
> > + bool "Use Custom FIPS Module Version"
> > + depends on (CRYPTO_FIPS)
>
> Ditto.
>
> > + default n
> > +
> > +config CRYPTO_FIPS_VERSION
> > + string "FIPS Module Version"
> > + default "(none)"
> > + depends on (CRYPTO_FIPS_CUSTOM_VERSION)
>
> Ditto.
>
> > + help
> > + This option provides the ability to override the FIPS Module Version.
> > + By default the KERNELRELEASE value is used.
>
> --
> ~Randy
Oh dang, indeed. Thanks, Randy.
Let me post v2 to this same thread to reduce separate threads.
Best regards,
Vladis Dronov | Red Hat, Inc. | The Core Kernel | Senior Software Engineer